[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Some details on RSA Secure
Here are my biased comments on RSA Secure. They are biased by
the fact that I an a techie who works for RSA Data Security.
Neatest Features:
- It is integrated with the File Manager on Windows and the
Finder on Mac System 7.
For example, from the file manager you can double click on
an encrypted Excel spread sheet and the file will automatically
decrypt and launch Excel. The decryption can be automatic
because the file manager hangs on to your password for a settable
number of minutes.
- A settable list of files can be automatically decrypted (or
encrypted) on system startup (or shutdown).
Technical Features:
- The random number generator for file encryption keys and public
keys is seeded by user keystrokes or wiggling the mouse. The
GUI for this is really fun to play with, but it only comes up
when you first install the software.
- The user's passphrase unlocks a master key that is used to unlock
the file encryption key for each file.
- Tamper detection for encrypted files using an MD5 hash.
- If emergency key access is turned on then the file encrypting
key is also encrypted with the public key for emergency key
access. That public key is usually split into 5 or more pieces
and two or three of the pieces are required to perform the
emergency access functions. A quick look at the file header
reveals whether the escrow feature is in use.
- Files encrypted with the 40 bit demo version can be read by
the 80 bit commercial version, and will be automatically
upgraded to 80 bit security when they are reencrypted.
- Runs on DOS, Windows, Mac, and SunOS. Other ports coming soon.
Coming Soon:
- Password based file sharing. A simple way to protect files
in transit using a secret passphrase known only to the sender
and receiver. Currently, only the person who encrypted the
file can decrypt it.
- Self decrypting binaries. This allows you to send an encrypted
file to someone who does not have RSA Secure. They execute
the file, which then asks for the password and extracts the
contents if the password is correct. The sender can choose
to use 40 or 80 bit encryption keys in order to comply with
export regulations.
Request for Improvements:
What else should be in a product that is aimed at
the commercial laptop market?
--Bob Baldwin